forked from ISTI-ansible-roles/ansible-roles
Remove the old letsencrypt cron script, now we randomise the time inside the cron job definition itself.
This commit is contained in:
Andrea Dell'Amico
parent
86b8d03a17
commit
5dedaab7c0
|
|
@ -110,7 +110,7 @@
|
|||
- name: Install a script that requests the certificates and manage the self signed certificate
|
||||
template: src=acme-cert-request.sh.j2 dest=/usr/local/bin/acme-cert-request owner=root group=root mode=0755
|
||||
when: letsencrypt_acme_install
|
||||
tags: letsencrypt
|
||||
tags: [ 'letsencrypt', 'letsencrypt_cron' ]
|
||||
|
||||
- name: Set certificates as to be revoked
|
||||
become: True
|
||||
|
|
@ -122,15 +122,15 @@
|
|||
- letsencrypt_certs_revoke_list is defined
|
||||
tags: letsencrypt
|
||||
|
||||
- name: Install a script that will be used to renew the certificate when needed
|
||||
template: src=cron-acme-cert-request.j2 dest=/usr/local/bin/cron-acme-cert-request mode=0755
|
||||
- name: Remove the old cron script
|
||||
file: dest=/usr/local/bin/cron-acme-cert-request state=absent
|
||||
when: letsencrypt_acme_install
|
||||
tags: [ 'letsencrypt', 'letsencrypt_cron' ]
|
||||
|
||||
- name: Install a daily cron job to renew the certificates when needed
|
||||
become: True
|
||||
become_user: '{{ letsencrypt_acme_user }}'
|
||||
cron: name="Letsencrypt certificate renewal" day={{ letsencrypt_acme_cron_day_of_month }} hour={{ letsencrypt_acme_cron_hour }} minute={{ letsencrypt_acme_cron_minute }} job="/usr/local/bin/cron-acme-cert-request > {{ letsencrypt_acme_log_dir }}/acme-cron.log 2>&1"
|
||||
cron: name="Letsencrypt certificate renewal" day={{ letsencrypt_acme_cron_day_of_month }} hour={{ letsencrypt_acme_cron_hour }} minute={{ letsencrypt_acme_cron_minute }} job="/usr/local/bin/acme-cert-request > {{ letsencrypt_acme_log_dir }}/acme-cron.log 2>&1"
|
||||
when: letsencrypt_acme_install
|
||||
tags: [ 'letsencrypt', 'letsencrypt_cron' ]
|
||||
|
||||
|
|
@ -138,7 +138,7 @@
|
|||
become: True
|
||||
become_user: '{{ letsencrypt_acme_user }}'
|
||||
command: '/usr/local/bin/acme-cert-request'
|
||||
when: ( letsencrypt_new_desired_file | changed )
|
||||
when: letsencrypt_new_desired_file is changed
|
||||
ignore_errors: True
|
||||
tags: letsencrypt
|
||||
|
||||
|
|
|
|||
|
|
@ -1,12 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
CMD=/usr/local/bin/acme-cert-request
|
||||
|
||||
SLEEP_SECONDS=$(echo $[($RANDOM %1200)])
|
||||
sleep ${SLEEP_SECONDS}
|
||||
|
||||
/usr/local/bin/acme-cert-request
|
||||
RETVAL=$?
|
||||
|
||||
exit $RETVAL
|
||||
|
||||
Loading…
Reference in New Issue